Should I use IP addresses from the Gateway Subnet in an Azure VPN?


Solution 1

The answer is no. Do not use the gateway subnet.

I eventually found exactly what I required on this Microsoft page. Specifically:

And don't deploy VMs or anything else to the gateway subnet.

and

Can I deploy Virtual Machines or role instances to my gateway subnet?

No.

Solution 2

By default, VPN gateways are deployed as two instances in an active/standby configuration, even if you only see one VPN gateway resource in Azure. When planned maintenance or unplanned disruption affects the active instance, the standby instance automatically assumes responsibility for connections without any user intervention. Connections are interrupted during this failover, but they're typically restored within a few seconds for planned maintenance and within 90 seconds for unplanned disruptions.

The new guidance is now: use at least a /27 address mask for the gateway subnet.
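As an added example (not code from either answer or from Microsoft), the following Python check encodes the rules the two answers quote: the gateway subnet must be named exactly GatewaySubnet, it should be /27 or larger, and no VM should be addressed out of it. It also flags subnets that overlap or fall outside the VNet, and VM addresses that land on the five addresses Azure reserves in every subnet (the network address, the next three, and the broadcast address). All VNet, subnet and VM addresses in the block are constructed for illustration and are not the asker's real layout.

```python
"""Lint a planned Azure VNet layout against the gateway-subnet guidance.

Added example, not from the original post. The addresses used in the
__main__ section are constructed for illustration.
"""
import ipaddress

GATEWAY_SUBNET_NAME = "GatewaySubnet"   # Azure requires exactly this name
MIN_GATEWAY_PREFIX = 27                 # "/27 or larger" per the quoted guidance


def check_vnet_layout(vnet_cidr, subnets, vm_ips):
    """Return a list of problems (an empty list means the layout is OK).

    vnet_cidr: VNet address space, e.g. "10.10.0.0/24"
    subnets:   {name: cidr} for every subnet, GatewaySubnet included
    vm_ips:    {vm_name: ip} private IPs you intend to give VMs/NICs
    """
    problems = []
    vnet = ipaddress.ip_network(vnet_cidr, strict=True)
    nets = {name: ipaddress.ip_network(cidr, strict=True)
            for name, cidr in subnets.items()}

    gw = nets.get(GATEWAY_SUBNET_NAME)
    if gw is None:
        problems.append(f"no subnet named {GATEWAY_SUBNET_NAME!r}; "
                        "the VPN gateway requires exactly that name")
    elif gw.prefixlen > MIN_GATEWAY_PREFIX:
        problems.append(f"{GATEWAY_SUBNET_NAME} is /{gw.prefixlen}; use at least "
                        f"/{MIN_GATEWAY_PREFIX} so both gateway instances "
                        "(active/standby) have room")

    # Every subnet must sit inside the VNet, and subnets must not overlap.
    names = list(nets)
    for i, a in enumerate(names):
        if not nets[a].subnet_of(vnet):
            problems.append(f"subnet {a} {nets[a]} is not inside VNet {vnet}")
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"subnets {a} {nets[a]} and {b} {nets[b]} overlap")

    workload = {n: net for n, net in nets.items() if n != GATEWAY_SUBNET_NAME}
    for vm, ip in vm_ips.items():
        addr = ipaddress.ip_address(ip)
        if gw is not None and addr in gw:
            # "Don't deploy VMs or anything else to the gateway subnet."
            problems.append(f"VM {vm} ({ip}) is inside {GATEWAY_SUBNET_NAME}; "
                            "put it in a workload subnet")
            continue
        home = next((net for net in workload.values() if addr in net), None)
        if home is None:
            problems.append(f"VM {vm} ({ip}) is not in any workload subnet")
            continue
        # Azure reserves the first four and the last address of each subnet.
        reserved = {home[0], home[1], home[2], home[3], home[-1]}
        if addr in reserved:
            problems.append(f"VM {vm} ({ip}) uses an address Azure reserves in {home}")
    return problems


if __name__ == "__main__":
    # Constructed layouts: one that follows the guidance, one that breaks it.
    good = check_vnet_layout(
        "10.10.0.0/24",
        {"GatewaySubnet": "10.10.0.0/27", "Subnet-1": "10.10.0.32/27"},
        {"app-vm": "10.10.0.36"},
    )
    bad = check_vnet_layout(
        "10.10.0.0/24",
        {"GatewaySubnet": "10.10.0.0/28", "Subnet-1": "10.10.0.32/27"},
        {"app-vm": "10.10.0.5"},
    )
    print("good layout:", good or "no problems")
    print("bad layout:")
    for p in bad:
        print("  -", p)
```

Running the check against a VNet whose whole address space is a /27, like the 192.168.2.0/27 mentioned in the question, shows why the address space matters as much as the subnet mask: a /27 GatewaySubnet consumes the entire VNet, so any workload subnet you add will be reported as overlapping it.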

Author: TrevorJ

Updated on June 15, 2022

Comments

  • TrevorJ almost 2 years

    I am configuring an Azure VPN with site-to-site connectivity to a large enterprise customer. I have configured the following address space: (image: Address space config)

    Now the customer has asked "Could you please send us traffic with one ip address, instead of range (192.168.2.0/27)"

    I will only have one VM on the VPN so I can pick any IP in the range, but should I pick one from the Subnet-1 range or the Gateway range? What will the customer see our traffic as coming from?

    Edit: Once I answered my own question I realised how poor the title was, so I've edited it.